trailofbits/skills
These skills were imported into SkillJury from the public skills ecosystem.
token-integration-analyzer
Comprehensive token security analyzer checking ERC20/ERC721 conformity, 24+ weird token patterns, and integration safety.
variant-analysis
Find similar vulnerabilities and bugs across codebases using pattern-based analysis.
address-sanitizer
Memory error detection for C/C++ fuzzing via compile-time instrumentation.
aflpp
Multi-core fuzzer for C/C++ projects with advanced instrumentation and mutation strategies.
algorand-vulnerability-scanner
Detects 11 Algorand-specific smart contract vulnerabilities including rekeying attacks, unchecked transaction fields, and access control issues.
atheris
Coverage-guided Python fuzzer for pure code and C extensions with integrated memory sanitization.
burpsuite-project-parser
Search and extract HTTP traffic, audit findings, and security data from Burp Suite project files via CLI.
cairo-vulnerability-scanner
Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, and signature replay attacks.
cargo-fuzz
Cargo-based fuzzing for Rust projects using libFuzzer with integrated sanitizer support.
claude-in-chrome-troubleshooting
Diagnose and resolve Claude in Chrome MCP extension connectivity conflicts on macOS.
constant-time-analysis
Detects timing side-channel vulnerabilities in cryptographic code across 12 languages.
constant-time-testing
Detect timing side channels in cryptographic implementations to prevent secret extraction attacks.
cosmos-vulnerability-scanner
Scans Cosmos SDK blockchains and CosmWasm contracts for 9 consensus-critical vulnerabilities.
debug-buttercup
Diagnose and resolve Buttercup CRS pod crashes, cascading failures, and service misbehavior on Kubernetes.
designing-workflow-skills
Structural design patterns and principles for reliable multi-step Claude Code workflow skills.
devcontainer-setup
Pre-configured devcontainer with Claude Code, language detection, and multi-language tooling support.
dwarf-expert
Technical expertise for analyzing DWARF debug files and understanding the DWARF standard (v3–v5).
firebase-apk-scanner
Identifies Firebase security misconfigurations in Android APKs including open databases, storage buckets, and unauthenticated endpoints.
fuzzing-dictionary
Domain-specific token guidance for fuzzers targeting parsers, protocols, and file formats.
git-cleanup
Safely analyze and delete local git branches and worktrees with two-gate confirmation workflow.
harness-writing
Techniques for writing effective fuzzing harnesses across languages and frameworks.
interpreting-culture-index
Interprets Culture Index behavioral profiles, team dynamics, and hiring fit using trait analysis and burnout detection.
let-fate-decide
Draws 4 Tarot cards using cryptographic entropy to guide decisions when prompts are vague or ambiguous.
libafl
Modular Rust fuzzing library for building custom fuzzers with fine-grained control over feedback, mutation, and execution.